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Abstract 

Abstract. In this paper we consider the two major computational effects of states and exceptions, 
from the point of view of diagrammatic logics. We get a surprising result: there exists a symmetry 
between these two effects, based on the well-known categorical duality between products and coproducts. 
More precisely, the lookup and update operations for states are respectively dual to the throw and catch 
operations for exceptions. This symmetry is deeply hidden in the programming languages; in order to 
unveil it, we start from the monoidal equational logic and we add progressively the logical features which 
are necessary for dealing with either effect. This approach gives rise to a new point of view on states and 
exceptions, which bypasses the problems due to the non-algebraicity of handling exceptions. 

Introduction 

In this paper we consider two major computational effects: states and exceptions. We get a surprising 
result: there exists a symmetry between these two effects, based on the well-known categorical duality 
between products and coproducts (or sums). 

In order to get these results we use the categorical approach of diagrammatic logics, as introduced 
in |Duval 2003] and developed in [Dommguez &: Duval 2010] . For instance, in IDumas et al. 20TT] this ap- 
proach is used for studying an issue related to computational effects: controling the order of evaluation of the 
arguments of a function. This paper provides one more application of diagrammatic logics to computational 
effects; a preliminary approach can be found in [Duval &: Reynaud 2005) . 

To our knowledge, the first categorical treatment of computational effects is due to Moggi [Moggi 1989] 
]Moggi 1991] ; this approach relies on monads, it is implemented in the programming language Haskell 
IWadler 19921 IHaskell] . Although monads are not used in this paper, the basic ideas underlying our ap- 
proach rely on Moggi's remarks about notions of computations and monads. In view of comparing Moggi's 
approach and ours, let us quote [Moggi 1991] section 1]. The basic idea behind the categorical semantics 
below is that, in order to interpret a programming language in a category C, we distinguish the object A of 
values (of type A) from the object TA of computations (of type A), and take as denotations of programs (of 
type A) the elements of TA. In particular, we identify the type A with the object of values (of type A) and 
obtain the object of computations (of type A) by applying an unary type- constructor T to A. We call T a 
notion of computation, since it abstracts away from the type of values computations may produce. There 
are many choices for TA corresponding to different notions of computations. [. . . ] Since the denotation of 
programs of type B are supposed to be elements ofTB, programs of type B with a parameter of type A ought 
to be interpreted by morphisms with codomain TB , but for their domain there are two alternatives, either 
A or TA, depending on whether parameters of type A are identified with values or computations of type A. 
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We choose the first alternative, because it entails the second. Indeed computations of type A are the same as 
values of type TA. The examples proposed by Moggi include the side-effects monad TA = {Ax S)^ where 
S is the set of states and the exceptions monad TA = A + E where E is the set of exceptions. 

Later on, using the correspondence between monads and algebraic theories, Plotkin and Power proposed 
to use Lawvere theories for dealing with the operations and equations related to computational effects 
[Plotkin fc Power 2002[ [Hyland fc Power 2007 . The operations lookup and update are related to states, and 
the operations raise and handle are related to exceptions. In this framework, an operation is called algebraic 
when it satisfies some relevant genericity properties. It happens that lookup, update and raise are algebraic, 
while handle is not [Plotkin fc Power 2003] . It follows that the handling of exceptions is quite difficult to 
formalize in this framework; several solutions are proposed in [Schroder fc Mossakowski 2004[ [Levy 2006} 
IPlotkin fc Pretnar 2009) . In these papers, the duality between states and exceptions does not show up. One 
reason might be that, as we will see in this paper, exceptions catching is encapsulated in several nested 
conditionals which hide this duality. 

Let us look more closely at the monad of exceptions TA = A + E. According to the point of view 
of monads for effects, a morphism from A to TB provides a denotation for a program of type B with a 
parameter of type A. Such a program may raise an exception, by mapping some a e ^ to an exception 
e G E. In order to catch an exception, it should also be possible to map some e € E to a, non-exceptional 
value b € B. We formalize this property by choosing the second alternative in Moggi's discussion: programs 
of type B with a parameter of type A are interpreted by morphisms with codomain TB and with domain TA, 
where the elements of TA are seen as computations of type A rather than values of type TA. This example 
enlightens one of the reasons why we generalize Moggi's approach. What is kept, and even emphasized, is 
the distinction between several kinds of programs. In fact, for states as well as for exceptions, we distinguish 
three kinds of programs, and moreover two kinds of equations. A computational effect is seen as an apparent 
lack of soundness: the intended denotational semantics is not sound, in the sense that it does not satisfy the 
given axioms, however it becomes sound when some additional information is given. 

In order to focus on the effects, our study of states and exceptions is based on a very simple logic: the 
monadic equational logic. First we provide a detailed description of the intended denotational semantics 
of states and exceptions, using explicitly a set of states and a set of exceptions (claims [TTT] and |T3]). The 
duality between states and exceptions derives in an obvious way from our presentation (proposition 11.61) . 
It is a duality between the lookup and update operations for states, on one hand, and the key throwing 
and catching operations for exceptions, on the other hand. The key part in throwing an exception is the 
mapping of some non-exceptional value to an exception, while the key part in catching an exception is the 
mapping of some exception to a non-exceptional value. Then these key operations have to be encapsulated in 
order to get the usual raising and handling of exceptions: handling exceptions is obtained by encapsulating 
the key catching operation inside conditionals. Then we describe the syntax of states and exceptions. The 
computational effects lie in the fact that this syntax does not mention any "type of states" or "type of 
exceptions" , respectively. There are two variants for this syntax: the intended semantics is not a model of 
the apparent syntax, but this lack of soundness is fixed in the decorated syntax by providing some additional 
information (proDOsitions l3.5l and l4.7p . The duality between states and the key part of exceptions holds at the 
syntax level as a duality of effects ftheorem l5.ip . from which the duality at the semantics level derives easily. 
We use three different logics for formalizing each computational effect: the intended semantics is described in 
the explicit logic, the apparent syntax in the apparent logic and the decorated syntax in the decorated logic. 
The explicit and apparent logics are "usual" logics; in order to focus on the effects we choose two variants 
of the monadic equational logic. The framework of diagrammatic logics provides a simple description of 
the three logics, including the "unusual" decorated logic; most importantly, it provides a relevant notion of 
morphisms for relating these three logics. 

The paper is organized as follows. The intended semantics of states and exceptions is given in section [1] 
and the duality is described at the semantics level. Then a simplified version of the framework of diagram- 
matic logics for effects is presented in section |5J together with a motivating example in order to introduce 
the notion of "decoration" . Section |3| is devoted to states and section |4| to exceptions. In section |5l the 
duality is extended to the syntax level. In appendix I3 some fundamental properties of states and excep- 
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tions are proved in the decorated logic. In this paper, the word "apparent" is used in the sense of "seeming" 
( "appearing as such but not necessarily so" ) . 

1 States and exceptions: duality of denotational semantics 

In this section, the symmetry between states and exceptions is presented as a duality between their intended 
denotational semantics (proposition The aim of the next sections is to extend this result so as to get 
a symmetry between the syntax of states and exceptions, considered as computational effects, from which 
the duality between their semantics can be derived (theorem [OJ. In this section we are dealing with sets 
and functions; the symbols x and Y[ used for cartesian products, + and ^ for disjoint unions; cartesian 
products are products in the category of sets and disjoint unions are sums or coproducts in this category. 

1.1 States 

Let St denote the set of states. Let Loc denote the set of locations (also called variables or identifiers). For 
each location i, let Vah denote the set of possible values for i. For each i £ Loc there is a lookup function 
li : St ^ Vali for reading the value of location i in the given state. In addition, for each i € Loc there is an 
update function Ui : Vali x St ^ St for setting the value of location i to the given value, without modifying 
the values of the other locations in the given state. This is summarized as follows. For each i G Loc there 
are: 

• a set Vali (values) 

• two functions U : St ^ Vali (lookup) 
and Ui : Vali x St ^ St (update) 

• and two equalities 

Va G Vali , \f s £ St , li{ui{a, s)) — a 

Va G Vali , \/ s E St , lj{ui{a, s)) — lj{s) for every j ^ i E Loc 

Let us assume that St — YiieLoc ^'^h with the liS as projections. Then two states s and s' are equal if and 
only if li{s) = li{s') for each i, and the equalities [T] form a coinductive definition of the functions u^'s. 

Claim 1.1. This description provides the intended semantics of states. 

In Plotki n fc Power 2002) an equational presentation of states is given, with seven families of equations. 
In [Mellies 2010) these equations are expressed as follows. 

L Annihilation lookup-update: reading the value of a location i and then updating the location i with the 
obtained value is just like doing nothing. 

2. Interaction lookup-lookup: reading twice the same location loc is the same as reading it once. 

3. Interaction update-update: storing a value a and then a value a' at the same location i is just like 
■storing the value a' in the location. 

4. Interaction update-lookup: when one stores a value a in a location i and then reads the location i, one 
gets the value a. 

5. Commutation lookup-lookup: The order 0/ reading two different locations i and j does not matter. 

6. Commutation update-update: the order of storing in two different locations i and j does not matter. 

7. Commutation update-lookup: the order of storing in a location i and reading in another location j does 
not matter. 
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These equations can be translated in our framework as follows, with ^^(2) • St -> Vali x St defined by 
k{2){s) = ili{s),s) and prry^i. : Vak x St St by prr y^;. (a, s) = s. 

(1) Vi G Loc, Vs e 5'i, Ui(Zi(2)(s)) = s € St 

(2) Vi e Loc, Vs e k{prr y^i.{li(2){s))) = ^i(s) G Va/j 

(3) Vi G Loc, Vs G a, a' G Vali, Ui{a' ,Ui{a, s)) —Ui{a',s) G St 

(4) Vi G Loc, Vs e St, a e Vak, k{ui{a,s)) = a G VaZ.; (2) 

(5) V^ 7^ J G Loc, Vs G G,(s), /j(;,(2)(s))) = (1,(1, ^^^{s)),lj{.s)) G Va/. x I/aZ^ 

(6) 7^ j G Loc, Vs G 5^, a G Va/.^, & G Va/j, Uj{b,Ui{a, s)) — Ui{a,Uj{b, s)) G 5^ 

(7) yi ^ j ^ Loc, Vs G 5^, a G Va/^, Ij ^^^{ui{a, s)) — {lj{s),Ui{a, s)) G VaZj x S't 

Proposition 1.2. Let us assume that St ~ YiieLoc ^^^h with the li 's as projections. Then equations]^ and\^ 
are equivalent. 

In fact, we prove that, without the assumption about St, equations [T] are equivalent to equations [5] 
considered as observational equations: two states s and s' are observationaly equivalent when lk{s) = Ikis') 
for each location k. These properties are revisited in proposition 13.61 and in appendix El 

Proof. Equations (2) and (5) follow immediately from prry^^i. {h(2){s)) = s. Equation (4) is the first equation 
in[TJ Equation (7) is {lj{ui{a, s)),Ui{a, s)) = {lj{s),Ui{a, s)), which is equivalent to lj{ui{a,s)) — lj{s): this 
is the second equation in[T] For the remaining equations (1), (3) and (6), which return states, it is easy to 
check that by applying Ik to both members and using equations [T] we get the same value in Valk for each 
location k. □ 



1.2 Exceptions 

The syntax for exceptions heavily depends on the language. For instance: 

• In ML- like languages there are several exception names, called constructors; the keywords for raising 
and handling exceptions are raise and handle, which are used in syntactic constructions like: 

raise i a and . . . handle i a => g(a) I j b => h(b) I ... 
where i,j are exception constructors, a, b are parameters and g, h are functions. 

• In Java there are several exception types; the keywords for raising and handling exceptions are throw 
and try-catch which are used in syntactic constructions like: 

throw new i(a) and try { . . . } catch (i a) g catch (j b) h ... 

where i,j are exception types, a, b are parameters and g, h are programs. 

In spite of the differences in the syntax, the semantics of exceptions is rather similar in many languages. 
A major point is that there are two kinds of values: the ordinary (i.e., non-exceptional) values and the 
exceptions; it follows that the operations may be classified according to the way they may, or may not, 
interchange these two kinds of values. 

First let us focus on the raising of exceptions. Let Exc denote the set of exceptions. Let ExCstr denote 
the set of exception constructors. For each exception constructor i, there is a set of parameters Pari and a 
function ti : Pari — >■ Exc for building the exception ti{a) of constructor i with the given parameter a G Pari, 
called the key throwing function. Then the function raisci^y '■ Pari Y + Exc for raising (or throwing) an 
exception of constructor i into a type Y is made of the key throwing function ti followed by the inclusion 
inry ■ Exc -^Y + Exc. 



raisCi^Y = throwi^y — inry o ti 



Pari 



Y + Exc 



Pari 




Exc 



(3) 



Exc 
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Claim 1.3. The function ti : Pari Exc is the key function for throwing an exception: in the construction 
of the raising function {raisei^y), only ti turns a non-exceptional value a G Pari to an exception ti{a) S Exc. 

Given a function f : X Y + Exc and an element x G X, if f{x) ~ raisci^yio) & Y + Exc for 
some a G Pari then one says that f{x) raises an exception of constructor i with parameter a into Y. 
One says that a function f : X + Exc Y + Exc propagates exceptions when it is the identity on Exc. 
Clearly, any function f : X ^ Y + Exc can be extended by propagating exceptions: the extended function 
Ppgif) : X + Exc Y + Exc coincides with f on X and with the identity on Exc. 

Now let us study the handling of exceptions, starting from its description in Java [J aval Ch. 14]. 
A try statement without a finally block is executed by first executing the try block. Then there is a choice: 

1. If execution of the try block completes normally, then no further action is taken and the try statement 
completes normally. 

2. If execution of the try block completes abruptly because of a throw of a value V , then there is a choice: 

(a) If the run-time type of V is assignable to the parameter of any catch clause of the try statement, 
then the first (leftmost) such catch clause is selected. The value V is assigned to the parameter of 
the selected catch clause, and the block of that catch clause is executed. 

i. If that block completes normally, then the try statement completes normally; 
ii. if that block completes abruptly for any reason, then the try statement completes abruptly for 
the same reason. 

(b) If the run-time type ofV is not assignable to the parameter of any catch clause of the try statement, 
then the try statement completes abruptly because of a throw of the value V . 

3. If execution of the try block completes abruptly for any other reason, then the try statement completes 
abruptly for the same reason. 



In fact, points 2(a)i and 2(a)ii can be merged. Our treatment of exceptions is similar to the one in Java 
when execution of the try block completes normally (point [Ij or completes abruptly because of a throw of 
an exception of constructor i G ExCstr (point [2]). Thus, for handling exceptions of constructors zi, . . . , j„ 
raised by some function f : X ^Y -\- Exc, using functions gi : Pari-^ — > y + Exc, . . . , g„ : Pari^ Y -\- Exc, 
for every n > 1, the handling process builds a function; 

f handle ii^gil ... |i„=>g„ = try{f} catchii {gi} catchi2 {g2} ---catchin {gn} 

which may be seen, equivalently, either as a function from X to Y -\- Exc or as a function from X + Exc to 
Y + Exc which propagates the exceptions. We choose the second case, and we use compact notations: 

/ handle {ik^gk)i<k<n = try{f} catch ik{gk}i<k<n ■ X + Exc -^Y + Exc 

This function can be defined as follows. 

For each x E X + Exc, (/ handle {ik=^9k)i<k<n){x) G F + Exc is defined by: 
if x G Exc then return x G Exc C y + Exc; 
II now x is not an exception 
compute y := f{x) G y + Exc; 
if y G y then return ?/ G y C y + Exc; 
II now y is an exception 
for k ~ l..n repeat 

if y = ti^ (a) for some a G Pari,^ then return gk{a) G y + Exc; 
1 1 now y is an exception not constructed from any i G {ii, . . . , in} 
return y G Exc QY-\- Exc. 
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In order to express more clearly the apparition of the parameter a when y is an exception of constructor 
ik, we introduce for each i G ExCstr the function Cj : Exc — >■ Pari + Exc, called the key catching function, 
defined as follows: 

For each e € Exc, Ci{e) € Pari + Exc is defined by: 
if e = ti{a) then return a £ Pa,ri C Pari + Exc; 
I j now e is an exception not constructed from i 
return e G Exc C Pari + Exc. 

This means that the function Cj tests whether the given exception e has constructor i, if so then it catches the 
exception by returning the parameter a G Pari such that e = ti{a), otherwise Ci propagates the exception e. 
Using the key catching function the definition of the handling function can be re-stated as follows, with 
the three embedded conditionals numerated from the innermost to the outermost, for future use. 

For each x G X + Exc, (/ handle {ik=>9k)i<k<n){x) & Y + Exc is defined by: 
(3) if a; G Exc then return x G Exc CY + Exc; 

I j now x is not an exception 
compute y := f{x) gY + Exc; 

(2) if y G y then return y gY CY + Exc; 

I I now y is an exception 
for fc = l..n repeat 

compute y :— Ci^{y) G Pari^, + Exc; 

(1) if y G Pari^. then return gk{y) GY + Exc; 
1 1 now y is an exception not constructed from any i G {ii, . . . , i„} 
return y G Exc CY + Exc. 

Note that whenever several i's are equal in {ii, . . . ,in), then only the first gi may be used. 

Claim 1.4. The function q : Exc — > Pari + Exc is the key function for catching an exception: in the 
construction of the handling function (/ handle i^ g), only Cj may turn an exception e G Exc to a non- 
exceptional value Cj(e) G Par^, the other parts of the construction propagate all exceptions. 

The definition of the handling function is illustrated by the following diagrams; each diagram corresponds 

to one of the three nested conditionals, from the innermost to the outermost. The inclusions are denoted by 
inl A : A ^ A + Exc and inrA '■ Exc A + Exc (subscripts may be dropped) and for every a : A B and 
e : Exc B the corresponding conditional is denoted by [a | e] : A -|- Exc — >■ B, it is characterized by the 
equalities [ci | e] o inl a = a and [a | e] o inrA = e. 

1. The catching functions catch ik{gk}p<k<n '■ Exc -^Y + Exc are defined recursively by 



catch ik{gk}p<k<n = 



[gn I inry] o Cj^ when p = n 

[gp I catch ik{gk}p+i<k<n] o (H^ when p<n 




Pari^ 



(4) 



Exc 



Y + Exc 



Exc 



where . . . stands for inry when p = n and for catch ik{9k}p+i<k<n when p <n. 
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2. Then the function H : X ^ Y + Exc, which defines the handhng function on non-exceptional values, 
is defined as 




3. Finally the handling function is the extension of H which propagates exceptions 

try {f} catch ik{gk}i<k<n = [H \ inry] 




The next claim is based on our previous analysis of Java exceptions; it is also related to the notion of 
monadic reflection in [Filinski 1994j . 

Claim 1.5. This description provides the intended semantics of exceptions. 

Let us come back to the key operations ti and Ci for throwing and catching exceptions. For each i G ExCstr 
there are: 

• a set Pari (parameters) 

• two functions ti : Pari ^ Exc (key throwing) 
and Ci : Exc — s> Far,; + Exc (key catching) 

• and two equalities 

Va G Pari , Ci{ti{a)) = a G Pari Q Pari + Exc 

V6 G Parj , Ci{tj{b)) ~ tj{b) G Exc C Pari + Exc for every j i € Loc 

This means that, given an exception e of the form ti{a), the corresponding key catcher a recovers the 
non-exceptional value a while the other key catchers propagate the exception e. Let us assume that Exc = 
TliieExCstr ^'^'''i with the tiS as coprojections. Then the equalities [7] form an inductive definition of the 
functions q's. 

1.3 States and exceptions: the duality 

Figure [T] recapitulates the properties of the functions lookup {U) and update (ui) for states on the left, and 
the functions key throw (ti) and key catch (c^) for exceptions on the right. Intuitively: for looking up the 
value of a location i, only the previous updating of this location is necessary, and dually, when throwing an 
exception of constructor i only the next catcher for this constructor is necessary (see section 15. 2[) . The next 
result follows immediately from figure [T] 
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States 


Exceptions 


i £ Loc, Vak, 
St(.= Ili^LocVah) 
cartesian products: 

prL prr- 

Val, -H^ Vali X St — ^ 5"^ 


i G ExC'str, Pari, 
disjoint unions: 

inrt inli ^ 

Exc > Pari + Exc < Pari 


k : St Vak 
Ui : Vak X St ^ St 


Exc <— Pari '■ ti 
Pari + Exc -s— Exc : Ci 


prl- 

Vak X St — > Vak 

Mi 1 = 1 id 

St !■ Vak 

'o rr t ' 

Vak X 5"^ -^-^ St ^ Valj 


Pari + Exc i Pari 

1 f ' 

Exc < Par^ 

inr ' ^ J 

Pari + Exc ^ Exc i Parj 


St > Valj 

(j ^ ^) 


Exc < Parj 

ij + i) 



Figure 1 : Duality of semantics 

Proposition 1.6. The well-known duality between categorical products and coproducts can be extended as a 
duality between the semantics of the lookup and update functions for states on one side and the semantics of 
the key throwing and catching functions for exceptions on the other. 

It would be unfair to consider states and exceptions only from this denotational point of view. Indeed, 
states and exceptions are computational effects, which do not appear explicitly in the syntax: in an imperative 
language there is no type of states, and in a language with exceptions the type of exceptions that may be 
raised by a program is not seen as a return type for this program. In fact, our result (theorem 15. ip is that 
there is a duality between states and exceptions considered as computational effects, which provides the 
above duality (propostion ll.6p between their semantics. 

2 Computational effects 

In sections[3]and[4]we will deal with states and exceptions as computational effects. In this section, we present 
our point of view on computational effects. First a motivating example from object-oriented programming 
is given, then a simplified version of the framework of diagrammatic logics is presented, and finally this 
framework is applied to effects. 

2.1 An example 

In this section we use a toy example dealing with the state of an object in an object-oriented language, in 
order to outline our approach of computational effects. Let us build a class BankAccount for managing (very 
simple!) bank accounts. We use the types int and void, and we assume that int is interpreted as the set 
of integers Z and void as a singleton {★}. In the class BankAccount, there is a method balance () which 
returns the current balance of the account and a method deposit (x) for the deposit of x Euros on the 
account. The deposit method is a modifier, which means that it can use and modify the state of the current 
account. The balance method is an inspector, or an accessor, which means that it can use the state of the 
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current account but it is not allowed to modify this state. In the object-oriented language C++, a method 
is called a member function; by default a member function is a modifier, when it is an accessor it is called 
a constant member function and the keyword const is used. So, the C++ syntax for declaring the member 
functions of the class BankAccount looks like: 

int balance ( ) const ; 
void deposit (int) ; 

Forgetting the keyword const, this piece of C++ syntax can be translated as a signature Sbank,app) which 
we call the apparent signature: 

J balance : void int 

^bank,app • S , . . . , (°) 

I deposit : mt void 

In a model (or algebra) of the signature Sbank.appj the operations would be interpreted as functions: 

J [[balance]] : {★} ^ Z 
1^ [[deposit]] : Z -)> {★} 

which clearly is not the intended interpretation. 

In order to get the right semantics, we may use another signature Sbank.expi, which we call the explicit 
signature, with a new symbol state for the "type of states" : 

J balcince : state — >■ int , , 

^bank,expl ■ S (9) 

I deposit : mt x state — > state 

The intended interpretation is a model of the explicit signature Sbank.expi, with St denoting the set of states 
of a bank account: 

f [[balance]] : St^Z 

\ [[deposit]] -.Zx St^ St 

So far, in this example, we have considered two different signatures. On the one hand, the apparent 
signature Sbank.app is simple and quite close to the C++ code, but the intended semantics is not a model of 
Sbank,app- On the Other hand, the semantics is a model of the explicit signature Sbank.expi, but Sbank.expi 
is far from the C++ syntax: actually, the very nature of the object-oriented language is lost by introducing 
a "type of states" . Let US now define a decordtcd signature 5ji5a,nk,deco? 

which is still closer to the C++ code 

than the apparent signature and which has a model corresponding to the intended semantics. The decorated 

signature is not exactly a signature in the classical sense, because there is a classification of its operations. 
This classification is provided by superscripts called decorations: the decorations "(1)" and "(2)" correspond 
respectively to the object-oriented notions of accessor and modifier. 

I balEmce^-"^^ : void int 

Sbank,deco ■ \ , . f9i . . , (10) 

I deposit^ : mt — >■ void 

The decorated signature is similar to the C++ code, with the decoration "(1)" corresponding to the keyword 
"const" . In addition, we claim that the intended semantics can be seen as a decorated model of this decorated 
signature. 

In order to add to the signature the constants of type int like 0, 1, 2, ... and the usual operations on 
integers, a third decoration is used: the decoration "(0)" for pure functions, which means, for functions 
which neither inspect nor modify the state of the bank account. So, we add to the apparent and explicit 
signatures the constants 0, 1, . . . : void int and the operations +,-,*: int x int — >■ int, and we 
add to the decorated signature the pure constants 0^°\ ...: void — >■ int and the pure operations 

+ ^°\ _(o)^,,,(o) . ^j^^ _^ ^j^^ Yqj. instance in the C++ expressions 



deposit (7); balance () and 7 + balance () 
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composition is expressed in several different ways: in the functional way /(a), in the infix way afb and in 
the imperative way c;c'. In the explicit signature, these expressions can be seen as the terms balance o 
deposit o (7 X idstate) and + o (7 x balance), with void x state identified with state: 

/xidstate deposit balance 

State ~ void x state > int x state > state > int 

7xbalance + 

state ~ void x state !■ int x int > int 

In the decorated signature, they can be seen as the decorated terms 
balance"^ o deposit'^) q 7(0) g^^^^ +(o) ^ (7«>^balance^"}: 

7(0) deposit"' balance'" 

void > mt > void > mt 

(7™, balance'") +«> 

void > int x int > int 

These two expressions have different effects: the first one is a modifier while the second one is an accessor; 
however, both return the same result (an integer). We introduce the symbol ~ for the relation "same result, 
maybe distinct effects" ; the relation ^ will be considered as a decorated version of the equality. 

balance^" o deposit^2) ^ 7(0) _ o (7<°\ balance^") 

2.2 Simplified diagrammatic logics 

In this paper, as in jPominguez fc Duval 2010) and [D umas et al 2011] . we use the point of view of diagram- 
matic logics for dealing with computational effects. One fundamental feature of the theory of diagrammatic 
logics is the distinction between a logical theory and its presentations (or specifications). This is the usual 



point of view in the framework of algebraic spe cifications [Ehrig fc Mahr 1985 , but not always in logic, as 
mentioned by F.W. Lawvere in his foreword to [Adamek et al. 201 Ij : Yet many works in general algebra 
(and model theory generally) continue anachronistically to confuse a presentation in terms of signatures with 
the presented theory itself. A second fundamental feature of the theory of diagrammatic logics is the defini- 
tion of a rich family of morphisms of logics. Computational effects, from our point of view, heavily depend 
on some morphisms of logics. Thus, in this paper, in order to focus on states and exceptions as effects, we 
use a simplified version of diagrammatic logics by dropping the distinction between a logical theory and its 
presentations. It is only in remark [2.91 that we give some hints about non-simplified diagrammatic logics. 

On the other hand, with the same goal of focusing on states and exceptions as effects, in sections [3] and |4] 
the base logic is the very simple (multi-sorted) monadic equational logic, where a theory is made of types, 
unary terms and equations. We will occasionally mention the equational logic, where in addition a theory 
may have terms of any finite arity. In order to keep the syntactic aspect of the logics, we use a congruence 
relation between terms rather than the equality; in the denotational semantics, this congruence is usually 
interpreted as the equality. 

Definition 2.1. A simplified diagrammatic logic is a category T with colimits; its objects are called the 
T-theories and its morphisms the morphisms of T-theories. A morphism of simplified diagrammatic logics 
_F : T T' is a left adjoint functor. This yields the category of simplified diagrammatic logics. 

Example 2.2 (Monadic equational logic). A monadic equational theory might be called a "syntactic cat- 
egory" : it is a category where the axioms hold only up to some congruence relation. Precisely, a monadic 
equational theory is a directed graph (its vertices are called objects or types and its edges are called morphisms 
or terms) with an identity term idx : X X for each type X and a composed term g o f : X ^ Z for each 
pair of consecutive terms (f : X ~> Y, g : Y ^ Z); in addition it is endowed with equations f = g : X ^ Y 
that form an equivalence relation on parallel terms, denoted by =, which is a congruence with respect to 
the composition and such that the associativity and identity axioms hold up to congruence. This definition 
of the monadic equational logic can be described by a set of inference rules, as in figure [21 A morphism of 
monadic equational theories might be called a "syntactic functor" : it maps types to types, terms to terms 
and equations to equations. 
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, f -.X g:Y X 
(comp) ^ , / . ^ (id) 



(assoc) 



go f : X ^ Z ^ ' idx ■■ X ^ X 

f:X~^Y g:Y^Z h : Z ^ W 
ho{go f) = {ho g) o / 



. f -X ^Y , ^ J -.X ^Y 

(id-src) - — _ (id-tgt) — — — - 

f oidx = J idyo J ^ J 

(^-refl) — - (^-sym) (^-trans) 

/=/ .9 = / /="- 



(=-subs) 
(=-rGpl) 



gi° f = g2° f ■■ X ^ z 

h = h:X^Y g:Y^Z 

g° h = g° h'- X ^ Z 



Figure 2: Rules of the monadic equational logic 



Example 2.3 (Equational logic). An equational theory might be called a "syntactic category with finite 
products" . Precisely, an equational theory is a monadic equational theory with in addition, for each finite 
family {Yi)i<n^n of types, a product (up to congruence) made of a cone (g^ : 11^=1 ^ ^ ^i)i<i<ri such that 
for each cone [fi : X — > Yi)i<i<:n with the same base there is a term (/i, . . . , /„} : X — > rijLi ^ such that 
Qi ° {fii ■ ■ ■ , fn) = fi for each i, and whenever some g : X 11^=1 ^ such that qi o g = for each i 
then g = (/i, . . . , /„). When n = this means that in an equational theory there is a terminal type 1 such 
that for each type X there is a term {)x ■ X ^ 1, which is unique up to congruence in the sense that 
every g : X 1 satisfies g = A morphism of equational theories is a morphism of monadic equational 
theories which preserves products. This definition can be described by a set of inference rules, as in figure [3] 
When there are several parts in the conclusion of a rule, this must be understood as a conjunction (which 
might be avoided by writing several rules). The monadic equational logic may be seen as the restriction of 
the equational logic to terms with exactly one "variable" . The functor which maps each monadic equational 
theory to its generated equational theory is a morphism of simplified diagrammatic logics, with right adjoint 
the forgetful functor. 

Given a simplified diagrammatic logic, we define the associated notions of model and inference system. 
We often write "logic" instead of "simplified diagrammatic logic" . 

Definition 2.4. Let T be a logic. Let $ and Q be T-theories, a model of $ in is a morphism from $ 
to 9 in T. Then the triple A = (4>, 9, M) is a language on T with syntax $ and semantics M. The set of 
models of <i> in 9 is denoted by ModT(<&, 9). 

Remark 2.5. The definitions are such that every simplified diagrammatic logic T has the soundness prop- 
erty: in every language, the semantics is a model of the syntax. 

Definition 2.6. Let T be a logic. An inference rule is a morphism p : C — > "H in T. Then H is the hypothesis 
and C is the conclusion of the rule p. Let $o and $ be T-theories, an instance of $o in $ is a morphism 
K : $0 ^ in T. The inference step applying a rule p : C — !■ H to an instance k : "H — > $ of H in $ is the 
composition in T, which builds the instance k o p : C — J> $ of C in $. 
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Rules of the monadic equational logic, and for each n g N: 

Yi . . . y„ 

: n"=i Y, ^ F,)i<.<„ (/, : X ^ y.)i<»<n 


i.e., when n — 0: 

1 
X 


(/!,...,/„) :x^n;=i>s- V* (/!,...,/„) = /. 

: n"=i ^ i^j)i<i<« g ■■ X ^ lVj=i Yj yiqi° g = fi 


Ox-.x^i 

g:X^l 


g = (/i, •■•,/«) 


g^Ox 



Figure 3: Rules of the equational logic 



Remark 2.7. The rule p : C ^ % may be represented in the usual way as a "fraction" or as ^^p'^'g) ^'' 



it 



when % is the colimit of several theories, see example 12.81 In addition, in IDomfnguez & Duval 2010 

i n ; ■ 

is explained why an inference rule written in the usual way as a "fraction" is really a fraction in the 
categorical sense of [Gabriel &i Zisman 1967) . but with "H on the denominator side and C on the numerator 
side. 



Example 2.8 (Composition rule). Let us consider the equational logic Tcq, as in example 12. 31 The category 
of sets can be seen as an equational theory Qsct^ with the equalities as equations and the cartesian products 
as products. Let us define the equational theory "of integers" $int as the equational theory generated by a 
type /, three terms z : 1 -> / and s,p -.1^1 and two equations s o p = idj and p o s = idj. Then there is 
a unique model Mint of $int in ©set which interprets the sort / as the set Z of integers, the constant term z 
as and the terms s and p as the functions x t-^ x + 1 and x t-^ x — 1. In the equational logic Toq, let us 
consider the composition rule: 

f:X^Y g:Y^Z 
gof:X^Z 

Let H be the equational theory generated by three types X, Y, Z and two consecutive terms f : X ~^ Y, 
g : Y ^ Z; let C he the equational theory generated by two types T, T' and a term t : T ^ T'. The 
composition rule corresponds to the morphism of equational theories from C to H which maps t to go f. Let 
us consider the instance k of H in $int which maps / and g respectively to z and s, then the inference step 
applying the composition rule to this instance k builds the instance of C in $i„t which maps t to s o z, as 
required. Moreover, H can be obtained as the pushout of Hi (generated by X, Y and f : X ^ Y) and 
(generated by Y, Z and g : Y Z) on their common part (the equational theory generated by Y). Then 
the instance k of "H in $int can be built from the instance ki of Tii in $int mapping f to z and the instance 
K2 of H2 in <J>int mapping g to s. 

Remark 2.9. In this simplified version of diagrammatic logic, the morphisms of theories serve for many 
purposes. However in the non-simplified version there is a distinction between theories and their presentations 
(called specifications), which results in more subtle definitions. This is outlined here, more details can be 
found in [Domfnguez fc Duval 20T0| . This will not be used in the next sections. As usual a locally presentable 
category is a category C which is equivalent to the category of set-valued realizations (or models) of a 
limit sketch [Gabr iel fc Ulmer 1971j . In addition, a functor F: Ci — ?• C2 which is the left adjoint to the 
precomposition with some morphism of limit sketches [Ehresmann 1968] will be called a locally presentable 
functor. 
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• A diagrammatic logic is defined as a locally presentable functor L : S — > T such that its right adjoint 
R is full and faithful. This means that L is a localization, up to an equivalence of categories: it 
consists of adding inverse morphisms for some morphisms, constraining them to become isomorphisms 
[Gabriel fc Zisman 1967) . The categories S and T are called the category of specifications and the 
category of theories, respectively, of the diagrammatic logic L. A specification E presents a theory & 
if 8 is isomorphic to The fact that R is full and faithful means that every theory Q, when seen 
as a specification R{Q), presents itself. 

• A model M of a specification S in a theory is a morphism of theories M : LT, — > Q or equivalently, 
thanks to the adjunction, a morphism of specifications M: E — > i?0. 

• An entailment is a morphism t in S such that Lt is invertible in T; a similar notion can be found 
in [Makkai 1997| . An instance k of a specification Eq in a specification E is a cospan in S made of 
a morphism ct : Eq — ^ E' and an entailment r : E — > E'. It is also called a fraction with numerator 
a and denominator r [Gabriel fc Zisman 1967j . The instances can be composed in the usual way as 
cospans, thanks to pushouts in S. This forms the bicategory of instances of the logic, and T is, up 
to equivalence, the quotient category of this bicategory. An inference rule p with hypothesis "H and 
conclusion C is an instance of C in %. Then an inference step is a composition of fractions. 

• An inference system for a diagrammatic logic L is a morphism of limit sketches which gives rise to 
the locally presentable functor L. The elementary inference rules are the rules in the image of the 
inference system by the Yoneda contravariant functor. Then a derivation, or proof, is the description 
of a fraction in terms of elementary inference rules. 

• A morphism of logics F: Li ^ L2, where Li : Si — 5- Ti and L2 : S2 — 5- T2, is a pair of locally pre- 
sentable functors (F5, Ft) with F5 : Si S2 and Ft : Ti — > T2, together with a natural isomorphism 
Ft o Li = L2 o Fs induced by a commutative square of limit sketches. 

2.3 Diagrammatic logics for effects 

Now let us come back to computational effects. Our point of view is that a language with computational 
effect is a kind of language with an apparent lack of soundness: a language with computational effect is made 
of a syntax, called the apparent syntax, and a semantics which (in general) is not a model of the apparent 
syntax, together with some additional information which may be added to the apparent syntax in order to 
get another syntax, called the decorated syntax, such that the semantics is a model of the decorated syntax. 
This approach leads to a new point of view about effects, which can be seen as a generalization of the point 
of view of monads: the distinction between values and computations provided by the monad can be seen 
as a kind of decoration. In our framework every logic is sound (remark 12. 5p . and a computational effect is 
defined with respect to a span of logics, which means, a pair of morphisms of logics with the same domain. 

Definition 2.10. Let -E be a span in the category of simplified diagrammatic logics: 



We call Tapp the apparent logic, Tjcco the decorated logic and Toxpi the explicit logic. Let Goxpi denote the 
right adjoint of -Fexpi. A language with effect with respect to Z is a language Adoco = ('i'dcco, ©doco, -^^dcco) 
in Tdoco together with a theory Ooxpi h^ Tcxpi such that Odcco — GoxpiQcxpi- The apparent syntax of Adcco 
is ^•app = ^app^'doco in Tapp. The expansion of Adcco is the language Aoxpi = ($cxpi, ©cxpi, A^cxpi) in Toxpi 
with $oxpi = Foxpi^'doco and Mexpi = (pMdcco, where (p : Modxdeco (*dcco, ©dcco) Modx^.pi (^'cxpi, ©oxpi) is 
the bijection provided by the adjunction Fcxpi ^ Gcxpi- 
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Remark 2.11. Since a language with effect Ajoco is defined as a language on Tdoco, according to remark [^751 
it is sound. Similarly, the expansion Aoxpi of Ajoco is a language on Tcxpi, hence it is sound. Both languages 
are equivalent from the point of view of semantics, thanks to the bijection tp. This may be used for formalizing 
a computational effect when the decorated syntax corresponds to the programs while the explicit syntax does 
not, as in the bank account example in section [2.11 

Remark 2.12. It is tempting to look for a language Aapp = ($app, 6app, A4pp) on Tapp, where $app = 
-Fapp<&dcco is the apparent syntax of Adeco- However, in general such a language does not exist (as for instance 
in remark [3.4[) . 



3 States 

In the syntax of an imperative language there is no type of states (the state is "hidden" ) while the interpre- 
tation of this language involves a set of states St. More precisely, if the types X and Y are interpreted as 
the sets [[X]] and [[Y]], then each term f : X ^ Y is interpreted as a function [[/]] : [[X]] x St ^ [[Y]] x St. 
In Moggi's papers introducing monads for effects |Moggi 1989[ |Moggi 1991| such a term / : AT — >■ F is called 
a computation, and whenever the function [[/]] is [[/]](o) x 'idst for some [[/]](o) : [[AT]] — >■ [[Y]] then / is 
called a value. We keep this distinction, using modifier and pure term instead of computation and value, 
respectively. In addition, an accessor (or inspector) is a term f : X ^ Y that is interpreted by a function 
[[/]] = ([[/]](!), for some [[/]](!) : [[X]]xSt-^ [[Y]], where prr^^x]] ■ [[AT]] x 5't ^ S'Hs the projection. 

It follows that every pure term is an accessor and every accessor is a modifier. We will use the decorations 
(0), (1) and (2), written as superscripts, for pure terms, accessors and modifiers, respectively. Moreover, we 
distinguish two kinds of equations: when f,g:X^Y are parallel terms, then a strong equation f = g is 
interpreted as the equality [[/]] = [[g]] : [[X]] x St —i' [[Y]] x St, while a weak equation f ^ g is interpreted 
as the equality prl[[Y]] ° [[/]] = P^hlY]] ° M] ■ ii^]] x St ^ [[Y]], where prl[[Y]] ■ [[Y]] ^ St ^ [[Y]] is the 
projection. Clearly, both notions coincide on accessors, hence on pure terms. 



3.1 A span of logics for states 

Let Loc be a given set, called the set of locations. Let us define a span of logics for dealing with states (with 
respect to the set of locations Loc) denoted by Zst- 




In this section the subscript "st" will be omitted. First the decorated logic is defined, then the apparent logic 
and the morphism -Fkpp, and finally the explicit logic and the morphism -Fexpi. For each logic the definition 
of the morphisms of theories is omitted, since it derives in a natural way from the definition of the theories. 
In order to focus on the fundamental properties of states as effects, these logics are based on the monadic 
equational logic (as in example 12. 2p . 

The logic Tdcco is the decorated monadic equational logic for states (with respect to Loc), defined as 
follows. A theory Gdcco for this logic is made of: 

• Three nested monadic equational theories B^'^-' C O^^) C O^^-* with the same types, such that the 
congruence on 0*^°^ and on Q^^^ is the restriction of the congruence = on 8*^^''. The objects of any of 
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the three categories are called the types of the theory, the terms in 9^^^ are called the modifiers, those 
in > may be called the accessor s, and if they are in 9(0) they may be called the pure terms. The 
relations f = g are called the strong equations. 

An equivalence relation between parallel terms, which satisfies the properties of substitution and 
pure replacement (defined in figure H]). The relations / ~ g are called the weak equations. Every strong 
equation is a weak equation and every weak equation between accessors is a strong equation. 

A distinguished type 1 which has the following decorated terminality property: for each type X there 
is a pure term ( )x : X ^ 1 such that every modifier / : X — )■ 1 satisfies / ~ {)x- 

And 9 may have decorated products on Loc, where a decorated product on Loc is defined as a cone 
of accessors (g^ : F — >■ li)igLoc such that for each cone of accessors {fi : X yi)ieLoc with the same 
base there is a modifier {fj)jeLoc '. X -^Y such that qi o {fj)ji=Loc ^ fi for each i, and whenever some 
modifier g : X Y is such that qt o g /j for each i then g = {fj)jeLoc- 

Figure m provides the decorated rules for states, which describe the properties of the decorated theories. 
We use the following conventions: X,Y, Z, . . . are types, f,g,h,... are terms, /'^*') means that / is a pure 
term, /^^^^ means that / is an accessor, and similarly f^^'' means that / is a modifier (this is always the 
case but the decoration may be used for emphasizing). Decoration hypotheses may be grouped with other 
hypotheses: for instance, "/'■"'^•' ~ ff^^-*" means "Z^^-' and g^^^ and / ~ g". A decorated product on Loc is 
denoted by (gf^ : ^S" ^ 

Remark 3.1. There is no general replacement rule for weak equations: ii fi ^ f2 : X ^ Y and g -.Y ^ Z 
then in general <? o /i 7^ g ° f2, except when g is pure. 

Example 3.2. Let us derive the following rule, which says that ( )x is the unique accessor from X to 1, up 
to strong equations: 

(.-final) ^ ^ - ^ 



X 



The derivation tree is: 



X 



(0-final) 



(_final) •^;^^7^ (0-to-l) 

(^-to-.) 



X 



Now let us describe the "apparent" side of the span. The logic Tapp extends the monadic cquational 
logic as follows : a theory of Tapp is a monadic equational theory with a terminal object 1 which may have 
products on Loc (i.e., with their base indexed by Loc). The morphism -Fkpp '■ Tdoco — ^ Tapp maps each 
theory 9dcco of Tdoco to the theory 9app of Tapp made of: 

• A type X for each type X in 9dcco- 

• A term / : X — > F for each modifier f : X ^ Y \\\ 9deco (which includes the accessors and the pure 
terms), such that idx — for each type X and g o f = g o f iov each pair of consecutive modifiers 

• An equation f ^g for each weak equation f ^ g in 9doco (which includes the strong equations) . 



A product {qi : JJ- Y.j — > i^OigLoc for each decorated product (q-^^ : ^ ^ ^Oieioc in 9 



dcco- 
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Rules of the monadic cquatioiial logic, and: 



(0-to-l) ^ (l-to-2) L_ 

f(i) „(i) f(o) „(o) X 
(0-comp) 4 (l-comp) ^ (0-id) 



(5 o /)(!) ^-"-^ (5 o /)(0) i/o) .^^^ 

(~-refl) j-j (~-sym) ^ (^-trans) ^ ^ ^ 

^^ f:X^Y gir^g2:Y^Z /i - /2 : X ^ F g(o) : F ^ Z 

(~-subs) 7 J — — — (~-repl) 

giofr^g2of:X^Z go f^r^ g 0/2: X 

(=-to-^) j—^ (^-to-=) 

(final) - (0-final) (--final) ^j^^^ 

(tuple) 



Figure 4: Rules of the decorated logic for states 



Thus, the morphism Fapp blurs the distinction between modifiers, accessors and pure terms, as well as the 

distinction between weak and strong equations. In the following, the notation 'T^. will be omitted. 

It follows from the definition of Fapp that each rule of the decorated log ic T,^eco is mapped by -fapp 

to 

a rule of the apparent logic Tapp, so that Fapp is a morphism of diagrammatic logics. The morphism Fapp 
can be used for checking a decorated proof in two steps, by checking first that its image by Fapp is a proof 
in Tapp. 

Now let us describe the "explicit" side of the span. The logic Texpi extends the monadic equational 
logic as follows : a theory of Toxpi is a monadic equational theory with a distinguished object S, called the 
type of states, with a product-with-S' functor X x 5, and which may have products on Loc. The morphism 
-F'expi : Tdeco Texpi maps each theory Odeco = (0^°^ ^ e*^) C 6^^)) of Tdeco to the theory Oexpi of Texpi 
made of: 

• A type X for each type X in Odecol the projections from X x S are denoted by prlx : X x S ^ X 
and prrx : X x S ^ S. 

• A term f : X x S ^ Y x S for each modifier / : X — >■ F in 8deco, such that: 

— if in addition / is an accessor then there is a term /(i) : X x S ^Y such that / = {f{i),prrx), 
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— and if moreover / is a pure term then there is a term /(q) '■ X Y such that /(i) — /(o) o prlx ■ 
X X S -^Y, hence / = (/(q) o prlx,prrx) = /(o) x irfs- 

such that idx = ^'^jf xS '^'^'^ each type X and g ° f = g ° ,f for each pair of consecutive modifiers { f,g)- 

• An equation / ^giXxS*— ^yxS" for each strong equation f = g : X ^ Y in 6doco- 

• An equation prly ° f = prly og:XxS^Y for each weak equation f ^ g : X ^ Y in Sdcco- 

• A product {{qt)(i) : (11^^;) x S ^ Yi)i(=Loc for each decorated product {q'y^^ : HjYj Yi)i^Loc in 

©dcco- 

Thus, the morphism i^cxpi makes exphcit the meaning of the decorations, by introducing a "type of states" 
S. In the following, the notation ~. will sometimes be omitted (mainly for types). The morphism i^oxpi is 
such that each modifier / gives rise to a term / which may use and modify the state, while whenever / is 
an accessor then / may use the state but is not allowed to modify it, and when moreover / is a pure term 
then / may neither use nor modi:^ the state. When f = g then / and g must return the same result and 
the same state; when f g then / and g must return the same result but maybe not the same state. 

Remark 3.3. When / and g are consecutive modifiers, we have defined g ° f = ]) o f- Thus, when / and g 
are accessors, the accessor go f is such that g o f = {g{i), prVy) ° / = ° /: prry ° f) = {g(i) ° f, prrx), so 
that g o /jj^^ — gf^i-^ o f: we recognize the co-Kleisli composition of /(ij and 5(1) with respect to the comonad 
— X S. When / and g are pure then the pure term g o f is such that g o f^^^ — ^(-q-) o /(q). 
Altogether, the span of logics for states Zgt is summarized in figure [5] 



T ^^PP rpi -^cxpl rp 

J- app ^ J- dcco ^ J- cxpl 


f-X^Y 
f-X^Y 
f-X^Y 


modifier 
f-X^Y 
accessor 
/(I) :X^Y 

pure term 
/(o) -.X^Y 


f -.X X S ^Y X S 
f^.y.XxS^Y 
fio)-X^Y 


f = g:X^Y 
f = g:X^Y 


strong equation 
f = g:X^Y 
weak equation 
,f^g:X^Y 


J=g:XxS^YxS 
prly f = prly og:XxS^Y 



Figure 5: The span of logics for states 



3.2 States as effect 

Now let us introduce the operations and equations related to the states effect. We consider the semantics of 
states as the semantics of a language with effect, in the sense of definition 12.101 with respect to the span of 
logics for states Zst defined in section [Ql This language with effect Adcco,st — (*&d cco,st; €)dcco,st7 -^'^dcco,st 

) is 

defined below (the index "st" is omitted) in the following way: 

• first the apparent syntax $app, the decorated syntax $dcco and the explicit syntax $cxpi = fcxpi*i>dcco; 
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• then the exphcit theory 0cxpi and the exphcit semantics Moxpi : $oxpi ©oxpi, which form the 
expansion Acxpi of Adcco; 

• and finaUy the decorated theory Odoco = GoxpiQcxpi and the decorated semantics Afdcco ~ V^^-^cxpi, 
where (p : ModT($, ©) ModT'($', ©') is the bijection provided by the adjunction F -\ G. 

The apparent syntax $app is buih as fohows. For each location i there is a type Vi for the possible values 
of i and an operation U : 1 Vi for observing the value of i. These operations form a product on Loc 
(Zi : 1 — >■ Vi)i,£Loc, so that for each location i there is an operation : Vi —> 1, unique up to congruence, 
which satisfies the equations 

li o Ui = idvi : Vi ^ Vi 

Ij o Ui = Ij o {)y. : Vi Vj for each j ^ i 

Intuitively, this means that after Ui{a) is executed, the value of i is put to a and the value of j (for j ^ i) is 
unchanged. 

Remark 3.4. Let 8app be the category of sets seen as a theory of the apparent logic (with equality as 
congruence). Let us try to build progressively a model of $app in ©app. The type 1 must be interpreted as a 
singleton {*}, and for each i the interpretation of Vi is a set Yah. Thus, the interpretation of li is an element 
of Vali, and each interpretation of the V^'s and k's in ©app corresponds to a state, made of a value for each 
location; this is known as the states- as-models or states- as- algebras point of view [Gaudel et al. 1996] . This 
interpretation can be extended to Ui : V^i — >■ 1 in only one way: indeed Ui must be interpreted as the function 
which maps every value in Vah to *. It follows that, as soon as the set Vah is not a singleton, the equation 
li o Ui = idvi cannot be satisfied. Thus, the intended semantics of states cannot be a model of the apparent 
syntax 'I'app in ©app, as mentioned in remark [2. 121 

The decorated syntax $dcco is obtained by adding informations (decorations) to $app- It is generated by 
a type Vi and an accessor : 1 ^ Vi for each i G Loc, which form a decorated product (^^^ : 1 Vi)i,zLoc- 
The operations Ui's are decorated as modifiers and the equations as weak equations: 

if^ o ) ~ if^ o ( )(^^' : ^ Vj for each j^i ^ ' 

It follows from the rules of the decorated logic that in every decorated theory there is an interpretation for 
the Wi's, which is unique up to strong equations. As required, the apparent syntax $app = -Fapp^'dcco is 
recovered by dropping the decorations. 

Using the definition of -Fcxpi in section [3. 11 we get the explicit syntax $expi — ^expi'I'dcco- It is the theory 
in the explicit logic generated by a type Vi and a term li{i) : S ^ Vi for each i e Loc, which form a product 

{li{i) : S — > Vi)i^Loc- So, for each location i, the operation Ui : Vi x S S is defined up to congruence by 
the equations: 

li{i) °u.-L = prly^ -.ViX S -^Vi 

° = ° P^''^Vi '■ Vi X S ^ Vj for each j ^ i 

The explicit theory ©expi is made of the category of sets with the equality as congruence, with a distin- 
guished set St called the set of states, with cartesian products with St, and with a product on Loc with vertex 
St, denoted by {li : St — )■ Vali)i^Loc, so that St = IljeLoc ^olj- The explicit semantics Mexpi : $oxpi ~^ ©oxpi 
is the model (in the explicit logic) which maps S to St and, for each i g Loc, the type Vi to the set Vali and 
the operations h and Ui to the functions U and Ui, respectively. 

The decorated semantics Afdoco '■ 'I'doco ^ ©dcco is obtained from the explicit semantics Moxpi : 'I'expi 
©oxpi thanks to the adjunction i^oxpi ^ Goxpi- The decorated theory ©dcco = G'expi©cxpi has a type for 
each set, a modifier /^^^ : AT F for each function f : X x St ^ Y x St, an accessor Z*^^) : X ^ Y for 
each function f : X x St ^ Y and a pure term f^'^'^ : X ^ Y for each function f : X ^ Y , with the 
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straightforward conversions. It follows that there are in 6dcco, for each i S Loc, an accessor /f ^ : 1 Vak 
and a modifier uf^ : VaU 1, and that we get the model Mdcco — V^^M^xpi by mapping the type Vi to the 
set Vali, the accessor l^^^ to the function k and the modifier u^^^ to the function Ui, for each i G Loc. 

According to claim [TTTl the explicit model Moxpi provides the intended semantics of states. By adjunction, 
this is also the semantics of the decorated model Afdcco, hence the following result. 

Proposition 3.5. The language with effect Adcco.st provides the intended semantics of states. 

To conclude this section, the decorated logic is used for proving a fundamental property of states: when a 
state s is modified by updating a location i with its own value in s, then the resulting state is undistinguishable 
from s; this is the first of equations [2J It should be reminded that each decorated proof may be mapped to 
an equational proof either by dropping the decorations (using the morphism i^app) or by expliciting them 
(using the morphism i^expi)- In the first case one gets a correct proof which may be quite uninteresting, in 
the second case one gets a correct proof which may be quite complicated. 

Proposition 3.6. For every i £ Loc: 

Uj-^-* o l^^^^ = idf^ in the decorated logic 
in the explicit logic 

Proof. In the decorated logic, let us prove the weak equations Ij o Ui o U ^ Ij for each j G Loc; then the 
first result will follow from the rule for decorated products on Loc and the second result by applying the 
morphism i^expi- In the following decorated proofs, the rules for associativity and identities are omitted. 
When j = i, the substitution rule for yields: 

li o Ui ^ idy- 
(~-subs) ^- — 

li O Ui o li ~ li 

When j ^ I, using the substitution rule for ~ and the replacement rule for = we get: 




{)Vi oli = idt 

(=-rcpl) 



ljOUi^ljo{)v. ljO{)viOl 

(~-subs) (=-to-~) 

(f^-trans) 



Ij O Ui o li ^ Ij o { o li h ° ( ^^i ^ ^3 



Ij O Ui o li ^ Ij 

□ 



4 Exceptions 

It has been seen in section [1] that there is a duality between the semantics of states and the semantics of 
exceptions. A decorated language for states as effects has been designed in section [3l Now, in section |4?1] 
we define a decorated language for exceptions as effects simply by dualizing section [3l this provides the key 
operations for exceptions. Then in section 14.31 we check that the encapsulation of the key functions from 
section [T] may be performed in the decorated syntax. 

4.1 Dualizing states 

Let us dualize section [3l Let ExCstr be a given set, called the set of exception constructors. The span of 
logics for dealing with exceptions (with respect to ExCstr) is denoted by Zcxc^ 



L dcco,cxc 



T 



app,exc -L cxpl.exc 
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In this section the subscript "exc" wih be omitted. In order to focus on the fundamental properties of 
exceptions as effects, these logics are based on the monadic equational logic. Some additional features will 
be added in section 14.31 

A theory for the decorated monadic equational logic for exceptions Tdoco is made of: 

• Three nested monadic equational theories 9^°) C C 8(2) with the same types, such that the 
congruence on Q'^^^ and on 0*^^^ is the restriction of the congruence = on 9^^^ The objects of any of 
the three categories are called the types of the theory, the terms in G^^^^ are the catchers, those in 0'^^ 
are the propagators (or throwers) and those in Q^^^ are the pure terms. The relations f = g are called 
the strong equations. 

• An equivalence relation ~ between parallel terms, which satisfies the properties of replacement and 
pure substitution (as in figure IH]). The relations / ~ g are called the weak equations. Every strong 
equation is a weak equation and every weak equation between propagators is a strong equation. 

• A distinguished type (D which has the following decorated initiality property: for each type X there is 
a pure term []x '■ ^ X such that every catcher f : ^ X satisfies / ^ []x. 

• And may have decorated coproducts on ExCstr, i.e., cocones of propagators (g^ : Xi — X)ii=ExCstr 
such that for each cocone of propagators {fi : Xi Y)i^ ExCstr with the same base there is a catcher 
[fj]jeExCstr : X such that {fi)i(zExCstr ° Qi ^ fi for each i, and whenever some catcher g : X ^ Y 
is such that g ° Qi ^ fi for each i then g = [fj]jeExCstr- 

Figure [S] provides the decorated rules for exceptions, which describe the properties of the decorated 
theories. We use the following conventions: X,Y, Z, . . . are types, f,g,h,... are terms, /^°^ means that / 
is a pure term, /^^^ means that / is a propagator, and similarly /*^^) means that / is a catcher (used for 
emphasizing). A decorated coproduct on ExCstr is denoted by {q^^^ : Xi J2j 

Remark 4.1. There is no general substitution rule for weak equations: if / : AT — > F and gi ^ g2 : Y ^ Z 
then in general <?i o / 7*^ <?2 ° /, except when / is pure. 

On the "apparent" side of the span, a theory for the apparent logic Tapp is a monadic equational theory 
with an initial object (D which may have coproducts on ExCstr. The morphism Fapp : Tdoco Tapp maps 
each theory 6doco of Tdoco to the theory 6app of Tapp made of: 

• A type X for each type X in Gdoco- 

• A term / : A — > y for each catcher f : X Y in 9doco (which includes the propagators and the pure 
terms), such that idx — for each type X and g o f — g o f ioi each pair of consecutive catchers 

• An equation f = 'g for each weak equation f ^ g in Bdcco (which includes the strong equations) . 

• A coproduct {qi : Xi ^ J2j ^j)ieExCstr for each decorated coproduct {q^^^ : Xi JJj Xj)i^ExCstr in 

®doco- 

Thus, the morphism -Fkpp blurs the distinction between catchers, propagators and pure terms, and the 
distinction between weak and strong equations. In the following, the notation 7^. will be omitted. 

On the "explicit" side of the span, a theory for the explicit logic Toxpi is a monadic equational theory 
with a distinguished object E, called the type of exceptions, with a coproduct-with-i? functor X + E, 
and which may have coproducts on ExCstr. The morphism i^oxpi : Tdoco Tcxpi maps each theory 
Sdeco = (6(0) C 9(1) C 6(2)) of Tdoco to the theory Ooxpi of Toxpi made of: 

• A type X for each type X in Odoco; the coprojections in X + E are denoted by inlx : X ^ X + E and 
inrx : E ^ X + E. 
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Rules of the monadic cquatioiial logic, and: 
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Figure 6: Rules of the decorated logic for exceptions 

• A term f : X + E ^ Y + E for each catcher f : X in ©deco, such that: 

— if in addition / is a propagator then there is a term /(i) : X ^ Y + E such that / = [/(i)|mry], 

— and if moreover / is a pure term then there is a term /(q) : X — > F such that /(i) = inly o /(o) : 
X ^Y + E, hence / = [inly o /(o) |mrx] = /(o) + ids- 

and such that idx = id for each type X and g o f = g o f for each pair of consecutive catchers 
if, 9)- 

• An equation / = ^:X' + £'— ^F + E'for each strong equation / = 5 : X ^ F in Gdeco- 

• An equation / o inlx =9° inly : X Y + E for each weak equation / ~ g : X — >■ F in Gdeco- 

• A coproduct ((ft)(i) : (Xj -^j) + E)ieExCstr for each decorated coproduct : Xj 

eco* 

Thus, the morphism i^oxpi makes explicit the meaning of the decorations, by introducing a "type of excep- 
tions" E which does not appear in the syntax. In the following, the notation ~ will sometimes be omitted 
(mainly for types). The morphism i^cxpi is such that each catcher / gives rise to a term / which does not 
distinguish exceptions from ordinary values, while whenever / is a propagator then / may throw an exception 
but it must propagate exceptions, and when moreover / is a pure term then / must turn an ordinary value 
to an ordinary value and it must propagate exceptions. When f = g then / and g must coincide on ordinary 
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values and on exceptions; when f ^ g then / and g must coincide on ordinary values but maybe not on 
exceptions. 

Remark 4.2. When / and g are consecutive catchers, we have defined g o f = g o f- Thus, dually to 
remark 13. 3[ when / and g are propagators then the propagator g o f is such that g o f^-^^ is the Kleisli 
composition of /(i) and g^i) with respect to the monad — hi?, and when / and g are pure then the pure 
term g o / is such that g o /(q^ = ^(o) ° f{o)- 

Altogether, the span of logics for exceptions -Ecxc is summarized in figure [7l 



J- app ^ dcco ^ cxpl 


f:X^Y 
f:X^Y 


catcher 
f-X^Y 
propagator 

/(I) -.X^Y 
pure term 

/(o) -.X^Y 


f : X + E ^Y + E 
f^iy.X^Y + E 
7(0) -.X^Y 


f = g:X^Y 
f = g:X^Y 


strong equation 
f = g:X^Y 
weak equation 
f^g:X^Y 


f = g:X + E^Y + E 
f o inlx =g° inlx : X ^ Y + E 



acco.cxc 



Figure 7: The span of logics for exceptions 

Now we consider the semantics of exceptions as the semantics of a language with effect Ado 
('i'dcco.cxc, Bdcco,cxc, Mdcco,cxc) with respect to the span of logics Zoxc- 

The apparent syntax $app is built as follows. For each exception constructor i there is a type Pi for 
the possible parameters and an operation ti : Pi ^ <S) called the key thrower, for throwing an exception of 
constructor i. These operations form a coproduct on ExCstr [ti : Pi — > ^)ii^ExCstr, so that for each i there 
is an operation Ci : (D — P^, unique up to congruence), called the key catcher, which satisfies the equations 

■■P^^P^ 

: Pj — !■ Pi for each j ^ i 

Intuitively, this means that when Ci is called, the parameter of the previous call to ti (for the same i) is 
returned. 

The decorated syntax <l>dcco is obtained by adding informations (decorations) to 'i'app- It is generated 
by a type Pi and a propagator tf''^ : Pj — > for each i G ExCstr, which form a decorated coproduct 
{t^^ : Pi — > 'Q)ieExCstr- The operations q's are decorated as catchers and the equations as weak equations: 




^''ot^^^^d^^ ■.P.^^P. 

cf ^ o tji) r^[]^^K tf : Pj ^ P, for each j^i ^ ' 



It follows from the rules of the decorated logic that in every decorated theory there is an interpretation for 
the Ci's, which is unique up to strong equations. The apparent syntax $app ~ Papp'I'deco is recovered by 
dropping the decorations. The explicit syntax $oxpi = Pcxpi'I'dcco is the theory in the explicit logic generated 
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by a type Pi and a term i^f^) : Pi ^ E for each i G ExCstr, which form a coproduct : Pi E)i^ExCstr- 
So, for each i, the operation Ci : E Pi + E is defined up to strong equations by the weak equations: 

Ci o ~ inlp^ : Pi ^ Pi+ E 

Ci o tjf^^^ inrp. o tj^^^^ : Pj Pi + E for each j ^ i 

The exphcit theory Qcxpi is made of the category of sets with the equality as congruence, with a dis- 
tinguished set Exc called the set of exceptions, with disjoint unions with Exc, and with a coproduct on 
ExCstr with vertex Exc, denoted by {ti : Pari ~^ Exc)iizExCstr, so that Exc — J2j£ExCstr PO'fj- The explicit 
semantics Moxpi : 3>oxpi ©cxpi is the model (in the explicit logic) which maps E to Exc and, for each 
i £ ExCstr, the type Pi to the set Pari and the operations ti and Ci to the functions ti and respectively. 
The decorated semantics Mdoco '■ 'I'doco ~^ ©doco is obtained from the explicit semantics Mexpi : *&expi ©oxpi 
thanks to the adjunction Foxpi H Gcxpi- 

The next result is dual to proposition 13.61 it can be proved in the dual way, using the decorated logic 
for exceptions. It is the key lemma for proving proposition 14. 8[ which says that catching an exception of 
constructor i by throwing the same exception is like doing nothing. 

Proposition 4.3. For every i E ExCstr: 

^i^^ o cp-* = id'^^'^ in the decorated logic 
ti o Ci = id E in the explicit logic 



4.2 Extending the decorated logic 

In the previous section l4Tl the key operations tf'^'s and cp'''s have been defined; in the next section l473l thev 
will be used for building the decorated raising and handling operations. For this purpose, some rules must 
be added to the decorated logic for exceptions; this is done now. 

Definition 4.4. The decorated logic for exceptions Tdcco,cxc is extended as T^^^^ by adding the following 
rules. 

• For each point X there is a decorated sum X = X+O, in the sense that for each propagator g^^^ : X ^ Y 
and each catcher /c^^^ : d ^ Y there is a catcher [g \ fc]*^^^ : X ^ Y, unique up to strong equations, such 
that [g I ^ and [g \ fc]'^) o [](^' = fc(2). 




In addition, whenever /^^^ : (D — > F is a propagator (which implies that f^^'> = []y ) then [g\ f] : X Y 
is a propagator (so that the weak equation [g \ /J*^^^ ~ g^^^ is strong: [g \ /](^^ = g^^^). In particular, we 
win use the fact that [5(1) | []^'] = 5(1). 




23 



• For each catcher k^'^'^ : X ^ Y there is a propagator Vfe^""^-' : X — > F, unique up to strong equations, 
such that Vfc(i) 



^ 



Thus, whenever /'^-'^^ : X — "K is a propagator then V/^^-* = /'^^•'. 




Let us check that Tdoco,Gxc can be replaced by TJ^,^^ in the span of logics Zdeco: we have to check 
that both morphisms Fapp,dcco and Fexpi.deco map the new rules to rules in the apparent and in the explicit 
logic, respectively. This is obvious for the apparent logic, where k = []y, [g\k] = g and V f = f. For the 
exphcit logic, for each : X ^ Y + E and k : E ^ Y + E we have [g\k] = \k] : X + E ^ Y + E. 

It follows that [g| []y] =3, which propagates exceptions. And for each k : X + E ^ Y + E we have 
Vfc(i) = fc o inlx : X ^Y + E. 



4.3 Encapsulating exceptions 

This section is a "decorated version" of section FOl We show that the tj-^'^'s and c^'^'s are the key operations 
for dealing with exceptions in the decorated logic. More precisely, we prove that, for each constructor i, 
the raise operation is built from pure operations and a unique propagator ti, and the handle operation 
is built from propagators and a unique catcher Ci. There are at least two reasons for not using ti and 
Ci directly: firstly in a programming language there is usually no name and no intuition for the "empty" 
type (D, secondly the handling of exceptions is a powerful programming technique which must be carefully 
encapsulated: while most operations are allowed to throw exceptions, only some very special operations are 
allowed to catch exceptions. 

First, let us focus on raising exceptions. This operation is a propagator, it calls the key thrower t^^^ : 
Pi — 7- (D and "hides" the empty type by mapping it into the required type of results. 

Definition 4.5. For each i in ExCstr and each object y, the propagator ^^raise (or throw) an exception of 
constructor i in Y" is 

raise^^^ = throw\^l = o^!^^ : Pt Y 




Now, let us consider the handling of exceptions, which calls the key catchers s. Let f'-^^ : X ^ Y 
be some propagator. For handling exceptions of constructors raised by /, using propagators 

g[^^ : Pari-^ Y, . . . , gn ^ : Pari^ —5- Y , the handling process builds a propagator: 

{f handle ii^ gi \ ... | in ^ gn)*-^'' = {try{f} catchii {gi} catchi2 {g2} ■■■catchin {gn})^^^ 

which is also denoted in a more compact way as 

(/ handle (ife^.gfe)i<fc<„)'^^ = itry{f} catch ik{gk}i<k<n)'^^^ : X ^Y 
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Definition 4.6. For each propagator /^^^ : X ^ Y, each n > 1, each exception constructors ii, and 
each propagators g[^^ : Pj^ — y, ...,Sfi^^ : Pi„ — >■ Y, the propagator ^^handle the exception e raised in f, if 
any, with gi if e has constructor ii , otherwise with 52 if e has constructor i2, otherwise with gn if e has 
constructor in" , is 

(/ handle (ife=>5fe)i<fe<n)^^^ = {try{f} catch ik{gk}i<k<n)''^^ iX^Y 

defined as follows. 

1. The catchers {catch ik{gk}p<k<n)^^^ : — > F are defined recursively by 



{catch ik{gk}p<k<n) 



(2) _ jlgp^'' \ (catch ik{gk}p+i<k<n)^'^^]^^^ o whenp<n 



(1) (2) 



when p = n 




(14) 



where . . . stands for {catch ik{9k}p+i<k<n)^'^^ whenp < n and for [jy^ whenp = n, since [gn^ \ = 
yn ■ 

2. Then the catcher ff^^) : x ^Y m defined as 

= I {catch ik{gk}i<k<n)'^^^] o /^^^ :X^Y 



(15) 




catc/iifc{gfe}i<fc<„)' 



3. Finally the handling function is the propagator {S/H)^^^ 

{try{f} catch ik{gkh<k<n)^^^ = (Vif)« : X ^ F 

{try{f} catch ik{gk}i<k<n)'-^^ 



Altogether, we get: 



X 



H 



(2) 



(/ handle (//, ^.r//, )i<fc<„) 



(1) 



-^Y ■ 



[]<">t ^ - 

„(0>| 



-^Y 




(16) 
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When n = 1, this becomes smiply: 



(/ handle i^g)'^^^ = {try{f} catchi{g}Y^^ = V([idy 1 g o c,] o /) : X ^ Y 



(/ handle i^g) 



X 




It is easy to check that by applying the expansion morphism i^oxpi to the decorated definitions of raise 
and handle we get the exphcit description from section 11.21 diagrams [3l |4l [SJ [6l are mapped respectively 
to diagrams [131 Ull [13 [HI According to claim ll.5[ the explicit language Aoxpi,cxc provides the intended 
semantics of exceptions. By adjunction (remark |2. lip this is also the semantics of the language with effect 
Adcco.cxc: hence the following result. 

Proposition 4.7. The language with effect Adoco.cxc provides the intended semantics of exceptions. 



4.4 Some properties of exceptions 

The next proposition shows that catching an exception of constructor i by throwing the same exception is 
like doing nothing. Indeed, by expansion this result implies that in the semantics (as in section [1.2^ for all 

e e Exc , {catch i {throw iY}){e) = e G Exc C Y + Exc. 

Proposition 4.8. For every i G ExCstr, in the decorated logic: 

{catch i {throw i^y})^'^^ = 

Proof. Let g — throwi^y '. Pi ^ Y . By definition 14.61 we have catchi{g} = o Q : (D — > y, and since g 

is a propagator, by definition 14.41 we have [g|[]y] = g, so that catchi {5} = go a. By definition 14.51 we have 
throwi^Y = []y o ti : Pi ^ Y hence catch i {g} = []y oti o a, and since ti o a = ido by proposition 14. 31 we get 
catchi {throw i^y} = []y. 




(catch i { throWi Y }) 



□ 

Remark 4.9. The three propagators 

try{f} catchi {g} catch j {h} 
< try{try{f} catchi {g}} catch j {h} 
try{f} catchi {try{g} catch j {h}} 

do not behave in the same way: whenever f{x) raises an exception ti{a) of constructor i and g{a) raises 
an exception tj{b) of constructor j, the first propagator returns tj{b) (uncaught) while the second and the 
third ones return h{b); whenever f{x) raises an exception tj{b) of constructor j, the first and the second 
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propagators return h(b) while the third one returns tj(b) (uncaught). The differences can be seen from the 
diagrams. 

try{f} catch i {g} catch j {h} 




X 



try{try{fy catch i {5}} catch j {h} 




iry{/} catch i { try{g} catch j {h}} 



X 



[td\...] 




The next result is proved in appendix lA. 21 
Proposition 4.10. For every i,j G ExCstr, in the decorated logic: 

try{f} catch i {g} catch j {h} = try{f} catch j {h} catch i {g} if i ^ j 
try{f} catch i {g} catch i {h} = try{f} catch i {g} 

Remark 4.11. The catch construction is easily extended to a catch-all construction like catch(. . .) in 
C++. We add to the decorated logic for exceptions a pure unit type 1, which means, a type 1 such that for 
each type X there is a pure term {)x : ^ ^ 1, unique up to strong equations. Then we add a catcher 
'-all : f ^ 1 with the equations Caii otj ~ {)pj for every j 6 ExCstr, which means that Caii catches exceptions 
of the form tj{a) for every j and forgets the value a. For each propagators /^^^ : X ^ Y and 5'^' : 1 ^Y, 
the propagator ^^handle the exception e raised in f , if any, with is 

(/ handle all^g)*^^ = V([i(iy | g o Caii] o f) : X ^ Y 



(/ handle all=^g)<^' 




The semantics of the catch-all construction is easily derived from this diagram, as a function (/ handle all = 
g) : X ^ Y + Exc where Exc ~ "^j^ExCstr ^^^^o ^^"-^ .g : 1 — > K + Exc is a constant: 



27 



For each x E X + Exc, (/ handle a\\^g){x) <eY + Exc is defined by: 
ii X G Exc then return x G Exc C y + Exc; 
1 1 now X is not an exception 
compute y := f{x) G F + Exc; 
if y € Y then return y E Y C Y + Exc; 
1 1 now y is an exception 
return g E Y + Exc. 

This is indeed the required semantics of the "catch-all" construction. It may be combined with other catchers, 
and it follows from this construction that every catcher following a "catch-all" is syntactically allowed, but 
never executed. 

5 The duality 

The previous results are summarized in section 15.11 then some remarks about other semantical issues are 
outlined in section [5?2] 

5.1 Duality of states and exceptions as effects 

Given a set /, let -Zdcco.st be the span of diagrammatic logics for states with respect to the set of locations 
/ as defined in section 13.11 In this span, let Adeco,st be the language with effects for states as defined in 
section [3.21 Then proposition 13.51 states that Adeco,st provides the intended semantics of states. 

Given a set /, let 2deco,oxc be the span of diagrammatic logics for exceptions with respect to the set of 
exceptions constructors / as defined in section WA\ In this span, let Adcco,cxc be the language with effects 
for exceptions as defined in section 14.11 Then proposition 14.71 states that Adoco,oxc provides the intended 
semantics of exceptions. It should be reminded that the whole process of raising and handling exceptions 
does rely on the key functions ti and cf. this has been checked in section l473l 

Figure[8]recapitulates the properties of the functions lookup (li) and update {ui) for states on the left, and 
the properties of the functions key throw (ti) and key catch (q) for exceptions on the right. By expansion, 
figure [S] gives rise to figure [TJ Our main result (theorem 15.11) follows immediately; it means that the well- 
known duality between categorical products and coproducts can be extended as a duality between the lookup 
and update functions for states on one side and the key throwing and catching functions for exceptions on the 
other. The notion of opposite categories and duality is extended in the straightforward way to diagrammatic 
logics and to spans of diagrammatic logics. 

Theorem 5.1. With the previous notations, the span of diagrammatic logics Zc^c for exceptions is opposite 
to the span of diagrammatic logics Zst for states and the language with effects 6dcco,oxc for exceptions is dual 
to the language with effects 0deco,st for states. 

5.2 Other semantics 

Equations (|12p relating the key throw and catch operations may be oriented from left to right in order to get 
the usual operational semantics of exceptions: when an exception is thrown by some occurrence of ti, the 
execution jumps to the first occurrence of Ci and wipes out the pair {ti,Ci) and everything between them. 

In a dual way, equations (jlip relating the lookup and update operations may be oriented from left to 
right, but this does not provide the usual operational semantics of states. In fact, equations (|11|) are related 
to the Hoare-Floyd semantics of states: they give rise to the basic occurrences of the assignment axiom 
{G[e/X]} X :^e {G}, namely: 

{e = n} X := e {X = n} and {Y ^ n} X := e {Y = n} when Y ^X 

^From the decorated point of view, the value n is pure, the expressions e, e — n, X — n and Y = n are 
accessors, the command X := e is & modifier and the equalities are weak equations. The axioms mean that 
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States 



i £ Loc, Vak, 
1 terminal 







(0) 



Vah 



^ : 1 ^ Vah 
u?^ : Vah 1 



Vak 



id 



-> Val, 
Vah 



Vail — — > 1 — ^ Valj 



1 ■ 



id 



VaL 



U ^ i) 



Exceptions 



i G ExCstr, Pari, 
(D initial 
(D ^ Par, : 



Pari ■ t 
Pari -S— (D : c. 



(1) 

i 

(2) 



id 



Pari Po-^i 

Ci^ ~ '^id 

(D < Pari 



Pari 



Parj 
Pari 



ij ^ 



Figure 8: Duality of decorated syntax 



whenever e*^^^ ^ n^") then o u^-* o e*^"'^^ ~ n^°^ and o u^-* o e'^'^^ ~ iiY=/=X, which is easily derived 
from equations 1111 



Conclusion 

We have discovered a symmetry between the key notions underlying the effects of states and exceptions, 
thanks to our approach of computational effects relying on spans of diagrammatic logics. A consequence 
is that the duality principle can be applied for deriving properties of exceptions from the properties of 
states. Another consequence is that this symmetry provides a new point of view on exceptions, mainly by 
distinguishing the key catching operation from the surrounding conditionals in the handling process. 

This symmetry between states and exceptions is deeply hidden, which may explain that our result is, as 
far as we know, completely new. First, as seen in the paper, for states the key operations are visible, while 
for exceptions they are encapsulated. In addition, most features which we might want to add will contribute 
to hide the duality: this happens for instance simply when adding pure constants a*^"^ : 1 ^ Vi for states 
and a^°) : 1 ^ Pi for exceptions, not a'^^^ : Pi — ?• 0. Adding products on one side and coproducts on the 
other, as in appendix |Al preserves the duality. Adding both products and coproducts on either side preserves 
the duality, but the distributivity or extensivity property, which is usually assumed, does not preserve it. 
Adding exponentials in order to get a lambda-calculus would be desirable, but this might further obscure 
the duality. Many questions are still open, for instance about a similar duality applying for other effects, or 
about the combination of effects from this point of view. 
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A 

In this appendix we consider two equations for states: equations (6) and (3) in the list of equations [2] 
f section ll.ip . and the dual equations for exceptions, all of them in the decorated logic. In the decorated 
proofs below, the associativity and identity rules are skipped and the decoration of morphisms is often 
omitted. 

A.l States 

Equations (6) and (3) in the list El (section [TTT|) are: 

(6) 7^ j e Loc, Vs E St, a G Vak, b G Valj, Uj{b,Ui{a, s)) — Ui{a,Uj{b, s)) £ St 
(3) Vi G Loc, Vs G St, a, a' G Vah, Uila! ,Ui{a, s)) —Ui{a',s) G St 

Since these equations have two values as arguments, we will use the notion of semi-pure product from 
[Dumas et al. 2011] . In the decorated logic for states, the product of two objects A and B is an object Ay. B 
with two pure morphisms: the projections -nf^ : A y B ^ A and ttj"'' : A y B B, which satisfy the 
usual categorical product property with respect to the pure morphisms (so that, as usual, the projections 
TT^^-* : A X 1 — A and 'k^'^ : Ix B ^ B are isomorphisms). The product of two pure morphisms /^°^ : A ^ C 
and g*-*^-* : B ^ D is a pure morphism (/ x g)^^^ : A x B ^ C x D which is characterized, up to =, by: 

.r°(/x5)(")^/(")ovri°) 
4°^o(/xg)(°)^5(")o4°) 



Such a property, symmetric in / and g, cannot be satisfied by modifiers: indeed, the effect of building a pair 
of modifiers depends on the evaluation strategy. However, in IDumas et al. 2011] we define the semi-pure 
product of a pure morphism /'''^ : A ^ C and a modifier g^^'' : B ^ D, as& modifier (/Kg)^^) : AxB CxD 
which is characterized, up to =, by the following decorated version of the product property: 



4°) o (/ K 



/Wo 

(2) (0) 
9^ ' O TT^ 



PI 

P2 



A- 



A xB >C X D 



B- 
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The weak equations [TT] relating the functions (M^^'')ieLoc and {ll^'^)i£Loc will be used as axioms in the proof 
trees with the following labels: 

lPov<f^^^d^:^^V, Al 
o ) ^ ?W o{)^°y.V,^Vj for each j A2 



Equation (6) is expressed in the decorated logic as: 

(6)3t Vij^je Loc, uf^ o o {u^ X tdv,Y^^ = ^ o ° (^'^v, ^ Wj)'^) 
This strong equation is equivalent to the family of weak equations: 

(6)st,obs Vfc e Loc,yi 7^ j G Loc, l^^^ o uj^-* o ir^^ o (m x idvj)'"^^ ~ o Wi^'' ° ttJ"'' o (idvi '^jY^'^ 
So, let i, J, fc G ioc with i 7^ j. 

1. For fc 7^ i, J, the weak equation 

Zfc o Uj o 7r2 o (mj XI idvj ) h o OvixVj ■ 
is proven in Figure IHl (proof Pr4 ) . A symmetric proof shows that 

Zfc o o vTi o {idvi K Uj) ^ lk° Ov.xVj 
With the symmetry and transitivity of ^ this concludes the proof of equations (6)st.obs when k ^ 

2. When k — i, the weak equations 

li O Uj O 712 O {Ui X idVj ) TTl 
li O Ui O TTl O {idvi X Uj) ^ TTl 

are proven in Figure[TU] (proofs Pry and Prg ). With the symmetry and transitivity of this concludes 
the proof of equations (6)st,obs when k = i. The proof when k = j is symmetric. 

The diagrams in Figurcs[Tll together with the rules (=-to-~) and ('--^-trans) , provide a slightly different 
proof of the weak equations (6)st.obs- In these diagrams we use the derived rule (=-final) which has been 
proved in example 13.21 and (under the same name) its consequence 7ri = ()]ixx:lxX— j-l. 

Equation (3) is expressed in the decorated logic as: 

(3)st Vi e Loc, up ' o TT^") o {ui X zdvj^^^ = Mp ^ o irf^ 

which is equivalent to: 

(3)st,obs Vfc G Loc, \/i G Loc, l^j}^ o up-* o n^^^ o (uj xi idviY^'^ ^ 4^'' ° '"P'' ° "'2°'' 
We can again split the proof in two cases, with proof trees similar to those for equations (6)st,obs: 

1. When k ^ i, both sides reduce (in the ^ sense) to o ( )y. xy^ - 

2. When k = i, both sides reduce (in the ~ sense) to 7r2. 
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Proof Pri 



A2 



(~-subs) 



Ik ° Uj ^lk° {)Vj 



Ik o Uj o o (ui X idvj ) ~ Ik ° {}vj o 7r2 o (wi X idvj ) 



Proof Pr2 : 

m : 1 X Vj ^ 1 



(~-final) 

/ ^ n {)v,OT,2.1xVj^l 7ri-()ixv,- ^ 
(~-final) — — (~-sym) 

(~-trans) 



(0-to-l) 



(~-to-=) 



/ \ (0) (0) (0) 



{}Vj °7r2 = TTl ^^^^^^ p2 

{}vj o 7r2 o (wi X idvj ) = TTl o (-Ui XI idvj ) o (wi X idvj ) s o tti 
— (s-trans) 

(jVj 0-K2 (Ui X 'idVj ) = Ui ° 71"! 

(=-r6pl) 

IkO {)Vi °V2°(Ui X idvi )=lk°UiO TTl 

(s-to-~) 

lk°{)Vj O 7r2 O {ui X idVj ) ~ ifc O Mi O TTl 



Proof Prs 



(~ final) ; V, X 























Ovi O TTl = 






A2 






'fc ° {)Vi-XVj 


Ik ° Ui 








lk° { )ViXVj 


Zfc O Wj O TTl 


~ h 


° {)Vi OTTl 




Ik °Ui O TTl 









(0-to-l) 

(~-to-s) 

(=-subs) ■ 

(=-to-~) — ^ — ; — — — — — ^ — — - — (~-subs) 

(^-trans) 



Proof Pr4 : 

I'll I'r 



(^-trans) 

Ik o Uj o 7r2 o {ui X idvj ) ~ /fe o o tti Prs 

(~-trans) ; 

Ik ° Uj o 7r2 o {Ui X idvA ^ lk° { )vixVj 



Figure 9: Case k ^ i,j (with i ^ j) 
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Proof Prs 



— ^ (—final) 

/\{0) (0) /\(()) ^ ' 

—rr — (-to-=) 

A2 \)Vj °7r2 = QixVj ^^^j^ 

^ UoUj ho {)vj h O {)vj O TV2 = h O {)lxVj ^_ ^ ^ 

k o Uj o 7r2 o (ui XI idvi ) ^ h o {)vi ° 1^2 ° {ui ^ idy. ) ° ( )v, ° ^2 ~ o { }ixVj 

(^-trans) — ; 

h o Uj o 7r2 o [Ui X idv. ) ~ o ( )ix v,- o (wj x idv. ) 



Proof Pre : 



(-final) "^^""^^ 

(0-to-l) 
(~-to-s) 



\ /IXVj 




\/lxVj 





g^j^g^ {)i-XVj = "^1 P2 

( )ixv ° (wj X idvi) s TTi o (ui X idvi) 7i"i o (uj x idy,) s m, o tti 
(=-trans) ^ 

{)lxVj O (Ui » tdVj) = Ui O TTt 

(s-subs) 



(s-subs) 

k o {)ixVj o (ui X idvj) = liOUi 

li ° {)ixVj ° {ui X idvj) ^ houi 



O TTl 
O TTl 



Proof Pr7 



Al 

/ , N Prs Pre h o m ~ idvi , , , 
(—trans) — ; (—subs) 

li O Uj O 7^2 O (Ui X idVj ) ~ tj O Uj O TTl <i O Uj O TTl ~ TTl 

(—trans) 

h O Uj 0-K2° (Ui X idvj ) ~ TTl 



Proof Prg 



Al PI 

li OUi ~ idvf TTl O {idVi K Wj) ~ TTl 

(~-subs) — — — (~-sym) 

. . li o Ui o m o [idvi X Uj) ~ tti o [idvi x Uj) tti ~ tti o (idvi x m,) 

(~-trans) 

li o Ui o m o (idvi X Uj) ~ m 



Figure 10: Case k = i (with i ^ j) 
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Proof Pr4 



Proof Pr7 



Proof Prg 



Vi X V, 



Ui-Aid 7r2 

\ 1 X T^- \ Vj 







1 ■ 



1 ■ 



^ 1 X ^ Vj — ^ 1 ■ 



1 X Vi 



X Vj 

II 

Vi X Vj 
II 

Vi X y,- 



V X 



y X V 



Vi X y 



^ 1 X y 



1 ■ 



1 



II 

Vi 

-^Vi 





1 ■ 







1 ■ 



-4 1 ■ 







Vi X 1^- ^ 1 X Vj- 







Fi 



Vi X l/j — ). 1 X y^ ). Vj —-^ 1 



ixy,- 



y X 1^- ^ > 1 X Vj 



1 



1 ■ 



-^Vi 



^Vi 

II 

Vi 



id 



Vi X y 



Vi X y 



y X Vi 



VixVj':^ViXl^V 



Vi 



V, X V 



Vi X y,- 



-^ViXl- 

TTl 



II A2 

-^Vk 

II (~-subs) 



(=-final) 
(=-subs) , (=-repl) 



-^Vk 









P2 






i= 


-repl) 


^Vk 








1 




A2 


^Vk 








1 




-subs) 


^Vk 










{= 


-final) 






{= 


-repl) 



^Vk 



^Vi 



>1 — '-^Vi 



^Vi 



1 

-^t^UVi 
II 

>v 



A2 
(~-subs) 
(=-final) 
(=-subs) , (=-repl) 

P2 
(=-repl) 

Al 
(~-subs) 



-^1 — "-^Vi 
II 

id 



^Vi 



^Vi 



^Vi 



Al 
(~-subs) 
PI 



Figure 11: Proofs as diagrams 
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A. 2 Exceptions 



Dually, we get the decorated equations for exceptions. In the decorated logic for exceptions, the coproduct 
of two objects A and B is an object A + B with two pure morphisms: the coprojections : A ^ A + B and 
l'^'^ : B ^ A + B, which satisfy the usual categorical coproduct property with respect to the pure morphisms. 
So, as usual, the coprojections ij"-* : A — ^ ^ + (D and 



,(0) 



B 



coproduct of a pure morphism : A 
(for simplicity we still use the symbol 
of the coproduct property: 



) + B are isomorphisms. The semi-pure 
' C and a catcher 5(2) B D is a catcher {f+g)^^^ : A+B C+D 
) which is characterized, up to =, by the following decorated version 



if + 9) 
if + 9) 



of 



(0) 




Now, the equations (6)exc and (3)cxc, dual to equations (6)st and (3)st, can be proved in the dual way. 



(6)c 
(3)c 



yi^je ExCstr, (c, + idp^ o 4°^ o cf = [idp^ + Cj)^^) o 4°^ o cf ^ 
Vi e ExCstr, (c, + idpj(2) o 4°^ o cf ^ = 4"^ ° cf ^ 



Proposition 14. lOl can be proved by encapsulating these equations, if it is assumed that the coproducts in 
the decorated logic are coproducts for the propagators. This means that for each propagators g^^^ : A C 
and /i^^^ : B ^ C there is a propagator [g | /ij^^^ : A + _B ^ C which is characterized, up to =, by: 



(1) 



■,(1) 



[9\h] 
[5|;i]Wo4°)EE/i(i) 



Proposition 14. 101 states that: 

(6)cxc,oncaps ^ j ^ ExCstr, try{f} catch i {g} catch j {h} = try{f} catch j {h} catch i {g} 
(3)cxc,oncaps Vi £ ExCstr, try{f} catch i {g} catch i {h} = try{f} catchi {g} 

where, according to definition 14.61 

e ExCstr, try{f} catchi {g} catch j {h} — S/[[id \ [g \ h o Cj] o a] o /) 
Vi e ExCstr, try{f} catchi {g} — \/([id \ g ° Ci] o f) 
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{try{f} catch i {g} catch j {^})'-^' 




tY X 



{try if} catch i{g})^^^ 



Proof of proposition \4-10\ It is easy to check that 

[g \ho Cj] = [g \h]o {idp^ + cj) 
then it follows from (6)oxc and (3)cxc that 

Vi J^j, [g\ho Cj] oci = [h \ go a] o cj 
Vi, [g\hoci\oci=go a 



[id I c)OCi]<^) 



which implies (6) 



cxc,encaps 



and (3) 



cxc,ciicaps: 



as required. 
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